185 posts • joined 7 Jul 2009
Re: CRA broke the story in Canada
The National Post are following this and quote other security researchers with a similar line:
There are still a few people complaining about how long it took to "inform the public", but I think it would have taken some time to analyze the data that had been collected.
CRA broke the story in Canada
The first thing anyone heard of Heartbleed in Canada was when CRA closed their portal for e-filing of tax returns along with their other portals, but since it is tax filing time people noticed this one. From there, the press picked it up and it made the broadcast news outlets.
I suspect that the six-hour window they are talking about is between the public outing of Heartbleed by Google (and whoever else) and the time it took them to shut down their portals. I can postulate that IT bods at CRA knew about their vulnerability, but could not shut down the portals without higher level approval - it is tax filing time after all. They could have set up an outward packet monitoring system as suggested above while they waited for this approval. Since SIN numbers are pretty standard (nine-digits) it would not be hard to extract these from memory dumps, even if encrypted.
I can't say that I am too worried that someone might have my SIN, however. It is used for calculating taxes, benefits etc. but nothing secure uses an SIN alone as it is not exactly a secret number. More worrying would be the user ID and password which was used to log in as this is a pretty extensively used e-pass system. This is why CRA want to contact these people - the SIN provides them with names of people who had potentially had their login credentials exposed. Getting a new login is a pain because they make a point of being secure (separate mailings of ID and one-time only password which is time-sensitive) so they have not recommended blanket re-certification.
Re: Biased at all?
Yes, but you can lift a fingerprint to fool a static fingerprint reader. Scanning readers make it much harder to do this.
I have been waiting for phones to catch up with PCs on this front for a while. It sounds like where it is placed is the issue, not the scanner per se. I don't see any reason why you can't train it with your thumb sideways (while in landscape mode) just as easily as with a finger vertically, but not actually having one to play with, this is just speculation.
I want my invisible hammock NOW
(is there a flying car graphic here?)
I am just a little worried about an eccentric orbiting red-coloured planet which passes through the Oort cloud entering our solar system. As far as I know, we haven't got our genetic engineering skills up to producing telepathic, teleporting dragons yet...
Re: number 4
Or they misheard USB for UBS and (correctly) considered the Union Bank of Switzerland to be an autonomous state...
What a good thought-provoking article.
As someone who could reasonably claim to have been at the forefront of electronic communication (my first on-line presence was a CompuServe account) and can also claim that if not for this, I might not have got married (said account being the main way I kept contact with my future spouse from the other side of the world for over a year), I feel that personal communications are so well served by email that I never got into social media very much. I keep contact with my social group by individual communications as opposed to giving them all access to my day-to-day activities. Has this resulted in a loss of closeness with 'friends' I don't see very often? Not for me personally, but maybe for some people this is a big deal.
However, I never really considered Andrew's point that the very open-ness of your on-line opinions leads to conformity any more than it would when talking to people on a face-to-face basis. I know that I tone down certain opinions when with friends who don't share those opinions so perhaps this is more to do with the fact that people seem to ignore this filter when posting on-line; the vitriol from all sides in comments sections is evidence of this. Into this space I suspect there are relatively few people who take it upon themselves to patrol and police their 'neighbourhoods' - it is just that they seem to be ubiquitous simply because the rest of us put up with them.
Food for thought certainly.
But what a shame...
that Lewis had to include page 2!
I cannot think of any other topic on El Reg that the author is required to add such a disclaimer - pro-Apple or anti-Apple, Windows vs Linux, Firefox vs Opera - none of these is any bit less controversial in terms of people's opinions, but in no other subject does the honesty, impartiality and parentage of the journalist get called into question simply for reporting what other people have said.
I'll say it again, what a shame.
Don't stop Lewis, whether I agree with you or not (and it varies) you are still one of my favourite journos here on El Reg.
I actually quite like this metric as it seems to give an idea of how much a device is being used. OK, we are only talking browsing, but that is what most tablets are used for (and maybe smartphones too - I know I am the dinosaur who thinks the screen is too small, but I accept that I am outnumbered).
Even if you want to say Chitika's ads are not completely representative of the web as a whole, they will still give a good idea of trends as opposed to absolutes. And at least these are talking about use - not sales or distribution numbers which are not all they are cracked up to be.
And it provides some fun column inches (and maybe even starts an Apple/Android bun-fight to boot!)
Problem turned out to be there wasn't an eagle friendly app for one-touch uploading. I think I see an opportunity......
His brilliance was such that people take DNA sequencing methodology completely for granted now - and yet at the time it was completely revolutionary.
Re: Robots of renown
While there "may" have been more people watching Knight Rider when it was being broadcast, I'd challenge anyone to suggest it has had the legacy that K9 has. If you say K9 people know who/what you mean - try asking anyone about Kitt - I think therein lies the question of renown.
A different experience..
One of my lab technicians was rushed in to the on-site clinic with hyperventilation and a racing pulse and although the doctor could find little in the way of a bite, she was given redback AV as her leg was very swollen and tender (just below where her lab coat came to). The results were pretty impressive - with heart rate and breathing back to normal in about 5 minutes. When her leg went down, the bite mark was visible and she received a second dose later that evening when the symptoms came back.
Just anecdotal of course, but it does provide a different experience to the paper quoted here. Perth doctors/nurses are well used to redback bites as it is our 'native' spider (and the name of a very palatable wheat beer) and there are certainly big differences with treatment of different snake and spider bites so I think it is really a case of trusting to local experience and not treating every bite the same.
Design fault - not manufacturing fault
Recalls of vehicles in production are nearly always due to a manufacturing fault, such that one in so many thousand may have a problem, but once a problem is identified, all of the thousands of vehicles are recalled to check. The battery fire issues with Tesla appear to be a design issue that the battery packs can be punctured by road debris. With hindsight, looks like it should have been anticipated, but that is why we call it hindsight!
The battery fires don't seem to be catastrophic in any way, but the potential for a more serious problem exists and they immobilize the car much more severely than similar accidents affect conventional vehicles. I suspect some kind of re-design is called for, even if it is as simple as a reinforced floor panel it will have to be built into the chassis.
This is where Tesla will stand or fall as a manufacturer - does it play for the long haul and swallow the (very big) cost of a re-design or does it try to paper over the issue by saying how many are working well? As a single-product company, the danger is the company fails completely if the product fails so the temptation will be to try and bluff their way through this. I hope they don't do this and have deep enough pockets to get through the re-design process, but with so many companies being driven by share-price these days I have my doubts.
"All information leaks"
... is a truism we should all remember. And another one is that it is the cover-up which gets you caught (and put in jail).
Don't have a dog in the Sammie/Apple fight, but this is the most sensible thing I have heard come out of it so far!
Political summary before the scientific reports...
Hmmmm, not the way I would do it, but then I am only a scientist.
Don't worry - it's natural!
That makes it safe doesn't it? That's why they use it after all because if they used artificial vanillin then they would not be able to label it free from artificial flavours.....
I would not rule out stupidity - we've had demonstrations outside the Czech Republic embassy from people complaining about Chechnya and Osama bin Laden once included Norway on a list of targets - in mistake for Nigeria.
Re: Why Sync?
Because for some of us, having everything in the Cloud is not an option. I have had to get 3rd party software to keep synchronizing with my PC and I really really really miss the ease of the Palm in this respect (although they did get annoying when they changed connectors with every model as Apple seem to be doing now).
The other good point raised above was having the phone sitting next to your PC as a separate item, showing other information. Bit like a second (third - fourth even) screen.
Re: Win on Appeal?
The offense was to encourage people to lie - nothing to do with the lie-detector itself. Besides, doesn't the story say that he pled guilty? Hard to appeal that.
But isn't it better to see this project being evaluated early enough to actually DO something about the cock-up instead of blindly carrying on while the losses mount?
Far be it for me to actually do something other than carp, but this looks like maybe there have been some lessons learned from the IT clusterfucks of the past......
Re: The Nestle Kit-Kat Chocolate is far too sweet
I fully agree - Hershey chocolate is a completely different texture and I never touch it. All a matter of taste, of course, but I know someone who imports Cadbury's into North America and makes a pretty penny doing it. I can even get Nestle KitKat in some shops in Canada (at an inflated price) so there are a good few of us with the same taste!
Have you had Kvikk Lunsj from Freia (probably limited to Norway and Sweden)?
The Norwegians claim this is the original and no self-respecting Norwegian would dare go to mountains without a bar in their pack. I have to say Freia is nice chocolate and probably beats out the Nestle version. Maybe this new version of Android can be called Kvikk Lunsj in Norway?
Re: Wouldn't have happened...
Basically, the polar "ozone hole" [not actually a hole, but a thinning layer] grows and shrinks on a pretty irregular basis. If you pick your dates (and sources) you can show growing or shrinking to your heart's content. Whether us puny humans have anything to do with it is another matter altogether - CFC's destroy ozone in a lab, but their impact in the upper atmosphere has never been proven [not an easy experiment to do, surprisingly enough].
Blaming an exploding mattress on the ban on CFC's to address the ozone hole - wonderful piece of El Reg commentary!
Lenovo is more than just Thinkpad
Lenovo was a big maker of PCs before they bought the PC division of Big Blue. Basically, they kept the Thinkpad line going with very little change (I still use them and can't see much difference in quality), but they have a whole hell of a lot of other kit which they have always designed(?) and built themselves.
It strikes me that the date on the original "Five Eyes" doc refers back to the time not long after they hoovered up the Thinkpad line and probably has more to do with things found in their existing lines and the paranoid spooks' own imagination than anything that was actually found in the kit.
Not to say they weren't quite correct in being wary, but just because it was a big deal 7 years ago does not mean to say it is still a big deal now.
Re: A more mature approach
I agree whole-heartedly. Apple and Samsung saw their patent war as a way to attack each other instead of what the patent was actually for - a way to get a return for your investment in research.
This is what patents are used for everywhere else - cross-licensing deals abound in all mature industries. It is only in the land-grab of a new technology that people use patents as an exclusion zone.
Maybe Windows originally thought they could screw Android over and get their own 'phones out, but since that was not happening, why not make some money anyway? The other side of this is that they probably do have some good IP in there (they have been doing this for a while after all - even if only by buying up other companies) and so if I am making a phone and I want their technology, a $10 bucks per unit license is not a big deal until I can invent around it (or the patent runs out).
The title is not the patent!
I do wish people would stop quoting the title of a patent and assuming that is what is covered. Of course the title and the claims as filed are horrendously broad, but what gets granted is always less than the original claims - sometimes substantially so such that the actual granted claims have little to do with the title any more (which does not get changed regardless).
I don't know what the patents at issue here have as granted claims, but I am sure that they don't cover all "Generating meeting requests and group scheduling from a mobile device" just one particular implementation.
If you want to moan and whinge about patents, learn the difference between the application and the granted claims. As someone who has searched patents for a living (thankfully not any more) I have been led astray by titles too many times - take some advice and go straight for the (granted) claims.
Re: "...an FDA-approved pill that uses the body to transmit passwords..."
No, you take lots of them every few hours - they are powered by your stomach acids and thus have only a short lifetime anyway as they are "digestible".
I am more concerned about range as they will have to be able to broadcast their signal through your stomach lining and various other bits and pieces to reach your 'phone, PC or whatever (arms as wires is just marketing crap). So what is to stop the signal authenticating the 'phone of the guy behind you in the queue at Starbucks? It isn't like you can store your stomach in an RFID opaque case and just take it out when you need it....
Re: The Demon Princes
I read Star King many years ago (and many times, to be fair), but I never realized it was a part of a series until now. I am very bad at looking up other works by authors I have read and liked, but I instantly recognized Jack Vance so it must have stuck with me somehow.
I will probably catch up on the rest of this series now - shame that it is only when they die that many authors get recognition.
$11 m profit, but only after $40 m "zero emissions credit"
Read what the WSJ has reported about TESLA's results:
In 2012 other car makers paid Tesla $40 m in "zero emissions credits" - basically extortion money since electric cars are not zero emissions. Already this year, it is estimated at $85 m. However, this is expected to drop in 2014 as other companies push out their own electric cars. Now do you see why Tesla floated this spring and paid back their federal loan? They are toast once they stop getting the credit paid to them by other car makers - they will be shopping for another government loan which probably won't get paid back.
Making the numbers look good.....
Here are the full results:
Category   Number   Description
1          65       Explicitly endorses and quantifies AGW as 50+%
2          934      Explicitly endorses but does not quantify or minimise
3          2934     Implicitly endorses AGW without minimising it
4          8269     No Position
5          53       Implicitly minimizes/rejects AGW
6          15       Explicitly minimizes/rejects AGW but does not quantify
7          10       Explicitly minimizes/rejects AGW as less than 50%
Pick from this whatever suits your particular political viewpoint - that is what everyone else does....
There is no "spirit" of a law..
.. only the letter.
.. do they still bring them down over solid ground! Every time I see a Soyuz landing I wince - talk about giving you a reason to not come home! Anyone know how many they have lost through mis-firing retro-rockets? I can imagine that in the old USSR such numbers would have been well hidden.
Hmmm, 'phones maybe...
I can see the point of most commentards here that hardware has its issues, but I would still like to have something more secure on my smartphone. I am nerdy enough that I don't store passwords in the applications (websites etc.), but there are so many different things I need secure access to that I do have the log-in names and passwords on my PC. These are semi hidden and my PC is only accessible via password or fingerprint reader (which I love by the way - much the quickest way to boot up).
However, I am still way too paranoid to have any of these files on my smartphone, which is so much simpler to steal. I really want a fingerprint scanner on my phone so that I can store some of this sensitive information on there and actually use it as an alternative. Since the swipe scanners work so well on my PC (and can't be fooled by the sticky-tape approach) I really can't see why we can't use that together with NFC for much of what these people here are talking about. I am pretty good about taking my phone with me everywhere after all....
Life imitating art?
I can't be the only one to think this is just a rip-off of the Big Bang Theory?
"Houston, this is not a request - we are basically out the door"
Marketing hype - or market manipulation?
I have come to distrust everything I hear/read on Rim/Blackberry because there are too many people with a vested interest in manipulating the share price up or down. I know many people who actually work for RIM and they are just as amazed at what they read.
It is a shame when a company can live or die by rumour (some of it blatant lies released to manipulate the stock price) - even RIM......
Re: So wait
It is hard for the GFP protein to take the correct fluorescent structure when it is not inside the cell so I don't think you can do fluoro-wool using this method. You can see on the piccies that the green only shows up in skin where there is little wool.
It's a great marker protein to look at control of gene expression 'cos you don't need any other chemicals to see where it is and it pretty much stays in the cell where it is expressed. You can get other modifications that emit different colours (blues and reds), but I don't think anyone has that good control over gene expression to make pretty pictures with them all - yet....
Re: dental records are your first port of call,
Facial photographs would be the first port of call in a recently deceased body, but not in a drowning or immersion as bloating of the cutaneous tissues removes most visual features. If someone has been declared missing (as in this case) then dental records would be readily available after the initial match had been made by sex and body characteristics (height and weight estimates are very quick even on partially consumed bodies) and dental records would be the quickest confirmation.
I still doubt that the bombing had any connection with this poor young man's death, but as jumping to conclusions on little evidence is the theme of this thread I think we should avoid doing that.
Re: Proof of rise of the machines?
I want Rouge Twitter server of my own - these grey ones are boring!
Blackberry reported an analyst for doing just this and they were found guilty by the SEC a week or so ago. Still, their share price has been so volatile lately that I doubt anyone would notice....
Oranges are not the only fruit....
I am at a loss here as to why people are only focussing on Corporation Tax - as though this is the only tax on the whatever number of billion pounds Google has in turnover in the UK. Google employ a lot of people in the UK and all of these people pay income tax, plus the employers NI contributions, plus the VAT on everything Google sells in the UK, thus there is a great deal of UK govt revenue already coming from Google.
In a globalised world economy, national taxes on profits are pretty much negligible as if you make your corporation taxes too high, companies move away and if you force them to pay tax where they employ people, they will move where they employ those people. The EU recognised this and - basically - put employment first by making it easier for a company to register in one EU country and then operate in them all. Individual EU countries then competed to get the company registrations by setting corporate taxes low and other countries competed for jobs by setting other taxes low (I think income tax in Luxembourg is pretty high isn't it?). So what if the UK doesn't get a lot of corporation tax from Google - by the sound of things, the UK is getting a lot of other "goods" from them and UK gov is still getting a lovely big wodge of tax.
Re: The eBook Problem - similar to the DVD problem?
Paying a little extra to have multiple formats is working for me with DVD's. I don't have a Blu-Ray player - YET, but on the basis that when I next replace my home theatre system I will probably have Blu-Ray, buying the DVD/Blu-Ray Combo packs for at most a buck or two more is not a bad deal. There is even a licence in there to download a digital copy if I want. I think this is a model book sellers should look at.
I think the big problem is that the developed economies have already removed the vast majority of soot from their own industries - smokeless coal, power station scrubbers and low-particulate diesel have cleaned up the air in Europe and North America rather well. It is the developing world that is producing most soot now as there is still a large amount of wood-based energy production and many, many new coal-fired power stations.
The chances of getting China and India to reduce soot emissions rest with them having alternative power generation of similar density - which implies gas or nuclear and will probably happen anyway as the local inhabitants demand cleaner air. Cities in India have already banned diesel and two-stroke auto-rikshaws, mandating CNG engines, so it shows it can be done. I don't think we need to worry about supranational bodies mandating this change - which is probably why it is not all that popular......
Missing the critical point...
...in the article that the people with the fulfilling jobs all had 5-15 years of work experience. That is what gets you somewhere - the real-world experience AFTER you have obtained your degree. What we have is unrealistic expectations that you can just get your "dream job" using your degree skills as soon as you graduate - this is the bollocks that needs to be changed in order to have people understand what they will get back from their degree.
Further, the idea that degrees are job training is something which has only recently arisen. Degrees are not "hard science vs soft arts" but vocational vs non-vocational. Vocational degrees used to be just things like medicine, vet, engineering and pretty much all of the rest was non-vocational - including so-called "hard" sciences such as chemistry and physics. People did not choose a career, but chose a subject of study and through that study gained an education in how to learn that helped them succeed in their next job. Professional jobs, such as law and accountancy, were filled by graduates with any degree, who were then trained on the job. I had many friends who went through this route after their genetics or biochemistry degrees and said that their analytical skills were highly prized. At the same time, administrative jobs were filled by arts graduates who had learned critical skills through their study of medieval art history - and were probably much better because of it.
Except for the vocational degrees mentioned earlier - degrees are not about subject matter but about learning critical and analytical skills. What has changed in the recent expansion of tertiary education is the elevation of non-degree vocational courses to a degree-level. Thus we have degree studies in everything from nursing (marginally relevant as nurses are now expected to do a lot more than just "nurse") to Sports Center Management (which is surely something that does not need a degree course of its own). Thus, we are enticing applicants to "train" for a specific job, and then finding out that to do that job requires a lot more than the degree (even if the demand for job still exists). Thus there is dissatisfaction.
Since a return to non-vocational degrees is unlikely, what needs to change is the expectation that degree = instant job in field of study.
Re: Not a surprise
No, but there are Danish windfarms being torn down because of complaints from local people. Did it make them sick or did they just get "sick" of the noise?
Re: List your devices
"When I go on vacation I take a virtual Best Buy store in my carry-on".
Precisely - when you are going on VACATION and entering the US you might get searched, but you won't get arrested if you can't remember all your bits. This guy was questioned and searched LEAVING the US - they obviously had him targeted and asked him about what he was carrying as part of the interrogation. Charging him with just enough to hold him to allow for a full search of the contents of the media is a good move.
I have travelled a lot into and out of the US and there is usually nothing beyond standard airport security for departures, wherever you are going. This was a targeted stop.
Do Yanks really believe all that old toss they saw about the UK in Murder She Wrote?
Do Brits believe that everyone in the States live in apartments and have friends just drop in to raid their fridge?
Having moved to the US a few years ago I can tell you that we (Brits) have just as many misconceptions from watching telly programs. Seinfeld and Friends it is not, I can tell you!
surely has to be in there as a very early consideration of artificial intelligence and what is awareness.
I was always more into SF novels than movies and I spent too much of my youth reading about dystopian futures (which have not come to pass). As an adult working in molecular genetics, Gattaca is probably the best example of an uplifting message nicely hidden in such a way that it is not cloying. My (economist) wife was very worried about watching this with my (genetics researcher) friends as we mercilessly slagged off the ropey science in other movies, but we all left the cinema talking about the concepts not the holes in the technology.
those messages (and the lack of operability - no pun intended) were/are damned hard to get around. As an Opera user, there are still sites out there that I need to start IE for. And although I haven't tried Firefox/Chrome for a while, I couldn't get to these sites using those browsers either.
I am happy to admit that I use Opera because I am awkward, but I thought the point of having standards was so that different products could compete on an open playing field. If Opera drop their rendering engine and IE continues to play in its own sandbox, there is not much competition out there any more.
Re: Don't know how you write a BB vs rest article without using "keyboard"
"Of the tens of thousands of apps that are in apps stores only tens have any real benefit to a corporation rather than providing warm fuzzies to those who have mingled their personal data into their work environment (thus Blackberry Balance)."
Excellent point. If I see one more person scream about the millions of apps in the iTunes Store or Google Play, I think I might just throw up. The same ten apps copied by 500 different suppliers/developers is still just 10 apps! I had programs on my Palm (before they were called apps) that I still can't find for my Android smartphone - although I am sure they might be out there if I can only wade through the thousands of (cr)apps that clutter the place up first.......